DIP:调度器的IP地址
RIP:后台真实服务器(realserver)的IP地址
VIP:就是用于服务提供的虚拟IP
LVS的DR模式比较其NAT模式复杂,也不容易实现,因为这种模式更接近与基于硬件的负载均衡,虽然性能较硬件的负载均衡调度还有差距,但是与NAT和TUN模式性能有了较大的提高,其要求调度器和realserver在同一个网段内(可以使用交换机相连,当然也可以基于IP的网络连接),在这里调度器上仅仅使用一张网卡即可,DIP是否等于VIP都可以,DT模式最大的优势在于对服务质量的大幅提高,同时应采取相关的设置对realserver上ARP做的某些限制。
具体实现过程可以这么来说:
1、客户端发来请求报文到调度器,调度器接到分包不做深入的处理,仅仅把目标MAC地址根据算法修改成realserver pool里的某台真实服务器的MAC地址,同时在缓存一份连接记录(确保此次连接的所有报文都传到同一台realserver上)
2、Realserver接到报文,根据要求做相关的处理,处理结束之后,根据自身网卡绑定的VIP地址,改写报文的源、目标地址,直接把报文回复给客户端,而不再经过调度器,在客观上减轻了调度器的负担。
实验的平台三台VM下linux服务器主机(CentOS 7.5,内核是3.6版本的是默认支持LVS的,所以不需要重新编译内核,可以直接使用),其中一台用作调度器,另外两台用作realserver。
第一:在调度器上的设置:
[root@localhost ~]# yum -y install ipvsadm //安装LVS管理工具 [root@localhost ~]# ifconfig //查看初始的网卡信息(这里仅仅采用一张网卡) eth0 Link encap:Ethernet HWaddr 00:0C:29:09:22:5D inet addr:192.168.1.196 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe09:225d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:17657 errors:0 dropped:0 overruns:0 frame:0 TX packets:17945 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7404853 (7.0 MiB) TX bytes:10817894 (10.3 MiB) Interrupt:169 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:88 errors:0 dropped:0 overruns:0 frame:0 TX packets:88 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6797 (6.6 KiB) TX bytes:6797 (6.6 KiB) [root@localhost ~]# vi /etc/init.d/lvsdr //编写集群管理脚本,当然你也可以自己逐条添加 #!/bin/bash #description:start LVS of Directorserver DR VIP=192.168.1.200 RIP1=192.168.1.193 RIP2=192.168.1.195 #./etc/rc.d/init.d/functions case "$1" in start) echo "start LVS of DirectorServer DR" /sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev eth0:0 echo "1">/proc/sys/net/ipv4/ip_forward /sbin/ipvadm -C /sbin/ipvsadm -A -t $VIP:80 -s rr //仍然是轮度算法 /sbin/ipvsadm -a -t $VIP:80 -r $RIP1 –g //-g表示采用直接路由模式 /sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g /sbin/ipvsadm ;; stop) echo "stop LVS of DirectorServer DR" echo "0" >/proc/sys/net/ipv4/ip_forward /sbin/ipvsadm -C /sbin/ifconfig eth0:0 down ;; *) echo "Usage:$0{start|stop}" exit 1 esac [root@localhost ~]# chmod a+x /etc/init.d/lvsndr //加可执行权限 [root@localhost ~]# /etc/init.d/lvsdr start start LVS of DirectorServer DR /etc/init.d/lvsdr: line 13: /sbin/ipvadm: No such file or directory IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.200:http rr -> 192.168.1.195:http Route 1 0 0 -> 192.168.1.193:http Route 1 0 0 [root@localhost ~]# ifconfig //查看变化信息 eth0 Link encap:Ethernet HWaddr 00:0C:29:09:22:5D inet addr:192.168.1.196 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe09:225d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:18342 errors:0 dropped:0 overruns:0 frame:0 TX packets:18549 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7480550 (7.1 MiB) TX bytes:10886441 (10.3 MiB) Interrupt:169 Base address:0x2000 eth0:0 Link encap:Ethernet HWaddr 00:0C:29:09:22:5D inet addr:192.168.1.200 Bcast:192.168.1.200 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:169 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:88 errors:0 dropped:0 overruns:0 frame:0 TX packets:88 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6797 (6.6 KiB) TX bytes:6797 (6.6 KiB)
第二:在节点上的设置(由于在两个节点上的设置基本完全相同,故这里只设置节点之一)
在192.168.1.193上
[root@localhost ~]# ifconfig //查看网卡信息 eth0 Link encap:Ethernet HWaddr 00:0C:29:B7:97:5B inet addr:192.168.1.193 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:feb7:975b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:48655 errors:0 dropped:0 overruns:0 frame:0 TX packets:39793 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:16204310 (15.4 MiB) TX bytes:6641366 (6.3 MiB) Interrupt:169 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:12600 errors:0 dropped:0 overruns:0 frame:0 TX packets:12600 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:8047060 (7.6 MiB) TX bytes:8047060 (7.6 MiB) [root@localhost ~]# vi /etc/init.d/lvscdr //编写ARP及VIP绑定脚本(两节点完全相同) #!/bin/bash #descrpption :start realserver DR VIP=192.168.1.200 #./etc/rc.d/init.d/functions case "$1" in start) echo "start LVS of RealServer DR" /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0 echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2">/proc/sys/net/ipv4/conf/all/arp_announce echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore echo "2">/proc/sys/net/ipv4/conf/all/arp_announce ;; stop) /sbin/ifconfig lo:0 down echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0">/proc/sys/net/ipv4/conf/all/arp_announce echo "0">/proc/sys/net/ipv4/conf/all/arp_ignore echo "0">/proc/sys/net/ipv4/conf/all/arp_announce ;; *) echo "Usage:$0 {start|stop}" exit 1 esac [root@localhost ~]# chmod a+x /etc/init.d/lvscdr [root@localhost ~]# /etc/init.d/lvscdr start [root@localhost ~]# ifconfig //查看变化信息 eth0 Link encap:Ethernet HWaddr 00:0C:29:B7:97:5B inet addr:192.168.1.193 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:feb7:975b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:48853 errors:0 dropped:0 overruns:0 frame:0 TX packets:39954 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:16225588 (15.4 MiB) TX bytes:6659428 (6.3 MiB) Interrupt:169 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:12600 errors:0 dropped:0 overruns:0"frale:0 $( TX packets:12600 erpors*0 dropped:8 oferruns:0 carrier:0 collishons:0 tXqueuelen:0 0 ` RX bytes:8047060 (7.6 MiB) VX bytes:8047060 (7.6 MiB) ìo:0" Link encap:Local LoopbacK ! ijet addr:192.16:.1.200 Mcsk:2%5.255.055.255 ` UP LOOPBACK RUN ING MTU*1643¶ Metric:1
第三测试的部分:
为了测试效果明显,所以在rea,server特意设罦网页的䆅容不同,当然这仅仅是为了测试用,在真实的环境中是必须保持网顴内容的完兩相尌的
测试效果
在地址栏釈输入VIP测诅,并临不断的列新页面
M在调约器上观看
[root@localhost ~] (ipvsaɤ聭 Iࡐ Virtual œerѶer versio 1®2.9 (ѳize=4096) Prot耠LocalAddress:Port0Schedul%r цlags -耾ࠠRemoteAddr%ss:ѐort Ƞ Forward Weight ActiveConn InActConn TCP 192.168.1.200:http rr -> 192.168.1.195:http Route 1 0 5 -> 192.168.1.193:http Route 1 0 4 [root@localhost ~]# ipvsadm -lnc IPVS connection entries pro expire state source virtual destination TCP 01:51 FIN_WAIT 192.168.1.188:53751 192.168.1.200:80 192.168.1.193:80 TCP 01:53 FIN_WAIT 192.168.1.188:53760 192.168.1.200:80 192.168.1.195:80 TCP 01:52 FIN_WAIT 192.168.1.188:53755 192.168.1.200:80 192.168.1.193:80 TCP 01:53 FIN_WAIT 192.168.1.188:53756 192.168.1.200:80 192.168.1.195:80 TCP 00:46 FIN_WAIT 192.168.1.188:53746 192.168.1.200:80 192.168.1.195:80 TCP 01:53 FIN_WAIT 192.168.1.188:53759 192.168.1.200:80 192.168.1.193:80 TCP 01:53 FIN_WAIT 192.168.1.188:53757 192.168.1.200:80 192.168.1.193:80 TCP 01:52 FIN_WAIT 192.168.1.188:53754 192.168.1.200:80 192.168.1.195:80 TCP 01:53 FIN_WAIT 192.168.1.188:53758 192.168.1.200:80 192.168.1.195:80